General

  • Target

    JaffaCakes118_401fa0fe1b9a872b5d1904cfeb280939593c67a1635309a9f922294cdda157ad

  • Size

    369KB

  • MD5

    f8745e2ce926162833a99e1557353eba

  • SHA1

    b982f108a37d921d9f68e06ae7bbf9f9b3a25e78

  • SHA256

    401fa0fe1b9a872b5d1904cfeb280939593c67a1635309a9f922294cdda157ad

  • SHA512

    9b108ec9cd78ccc736be96088dc87b4178e1be65a6c8b79ce0eb4a62a38d1ddf7178fce1345494b70c6aeba0d681b806fe11d8f8c2006157e85b2ee77a634e4e

  • SSDEEP

    6144:9S9nLpafTIAI8hvYXQmmwS9nLpafTIAI8hvYXQmmk:onL4LI8heQmcnL4LI8heQm3

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b47h

Decoy


Signatures

  • Formbook family
  • Formbook payload 1 IoCs

Files

  • JaffaCakes118_401fa0fe1b9a872b5d1904cfeb280939593c67a1635309a9f922294cdda157ad